Secure authentication based on identity data stored in a contactless card

US2021192494A1 · US · A1

Patent metadata
Publication number: US-2021192494-A1
Application number: US-202017085721-A
Country: US
Kind code: A1
Filing date: Oct 30, 2020
Priority date: Dec 24, 2019
Publication date: Jun 24, 2021
Grant date:

Abstract

Official abstract text for this publication.

Systems, methods, articles of manufacture, and computer-readable media for secure authentication based on identity data stored in a contactless card associated with an account. An application may receive an indication specifying to perform an operation. The application may receive encrypted data from the card. The application may receive an indication that the authentication server decrypted the encrypted data. The application may determine a type of data required to authorize the operation. The application may receive data comprising passport data or driver license data from the card. The application may determine that the data satisfies a rule for authorizing the operation and authorize performance of the operation based on the authentication server verifying the encrypted data and the data satisfying the at least one rule.
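The authorization decision the abstract describes can be sketched as a fail-closed gate; this is an added example, not code from the patent or its assignee. The rule table, thresholds, reason strings and all names are assumptions, and the similarity score is taken as already computed by an image comparison outside this sketch.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional, Tuple


class DataType(Enum):
    PASSPORT_IMAGE = "passport_image"
    DRIVER_LICENSE_IMAGE = "driver_license_image"


# Assumed policy: operation type -> (accepted identity data types, similarity threshold).
# The operation types mirror the three named in the claims; the numbers are illustrative.
RULES = {
    "view_attributes": ({DataType.PASSPORT_IMAGE, DataType.DRIVER_LICENSE_IMAGE}, 0.80),
    "modify_attributes": ({DataType.PASSPORT_IMAGE, DataType.DRIVER_LICENSE_IMAGE}, 0.90),
    "process_transaction": ({DataType.PASSPORT_IMAGE}, 0.95),
}


@dataclass(frozen=True)
class CardElement:
    data_type: DataType
    similarity: float  # card image vs. live capture, computed elsewhere (assumption)


def authorize(operation: str, decryption_ok: object,
              element: Optional[CardElement]) -> Tuple[bool, str]:
    """Authorize only if the server verified the card AND the identity rule holds."""
    rule = RULES.get(operation)
    if rule is None:
        return False, "unknown_operation"          # no rule means no access
    if decryption_ok is not True:                  # reject truthy non-bool values too
        return False, "card_not_verified"
    if element is None:
        return False, "missing_identity_data"
    accepted, threshold = rule
    if element.data_type not in accepted:
        return False, "wrong_data_type"
    # "Exceeds" is strict; written this way a NaN score is denied as well.
    if not (element.similarity > threshold):
        return False, "similarity_below_threshold"
    return True, "authorized"
```

Every branch other than the last denies, so a missing rule, an unverified card or a malformed score can never fall through to an authorization.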

First claim

Opening claim text (preview).

What is claimed is:

1. A system, comprising: a processor; and a memory storing instructions which when executed by the processor cause the processor to: receive a request to perform an operation associated with an account; receive encrypted data from a contactless card associated with the account; receive, from an authentication server, a decryption result; determine, based on the decryption result, that the authentication server decrypted the encrypted data; determine a type of authentication data required to authorize the operation; receive, based on the determined type of authentication data, a first data element from the contactless card, the first data element comprising a passport image or a driver license image; determine that the first data element satisfies at least one rule for authorizing the operation; authorize performance of the operation based on the decryption result and the determination that the first data element satisfies the at least one rule for authorizing the operation; and perform the operation based on the authorization.

2. The system of claim 1, the memory storing instructions which when executed by the processor cause the processor to: transmit the encrypted data to the authentication server; and determine the type of authentication data based on a type of the operation and at least one rule for the type of the operation.

3. The system of claim 1, the memory storing instructions which when executed by the processor cause the processor to: receive a first image of a person captured by an image capture device of the system; compare the first image to the passport image or the driver license image; and determine, based on the comparison, that a similarity of a person in the passport image or the driver license image and the person in the first image exceeds a similarity threshold, wherein the determination the passport image or the driver license image satisfies the at least one rule is based on the similarity exceeding the similarity threshold.

4. The system of claim 3, wherein the similarity threshold is based on a type of the operation and at least one rule for the type of the operation, the memory storing instructions which when executed by the processor cause the processor to: determine, based on the similarity exceeding the similarity threshold, that the person in the first image matches the person in the passport image.

5. The system of claim 1, wherein the first data element is encrypted when received from the contactless card, the memory storing instructions which when executed by the processor cause the processor to: transmit the encrypted first data element to the authentication server; and receive an unencrypted version of the first data element from the authentication server.

6. The system of claim 1, wherein the operation comprises one or more of: (i) viewing attributes of the account, (ii) modifying the attributes of the account, or (iii) processing a transaction using the contactless card.

7. The system of claim 1, the memory storing instructions which when executed by the processor cause the processor to: receive, from the contactless card, a digital signature of the first data element; and verify the digital signature based on a public key for the contactless card.

8. A non-transitory computer-readable storage medium storing computer-readable program code, the computer-readable program code, when executed by a processor of a device, cause the processor to: receive a request to perform an operation associated with an account; receive encrypted data from a contactless card associated with the account; receive, from an authentication server, a decryption result; determine, based on the decryption result, that the authentication server decrypted the encrypted data; determine a type of authentication data required to authorize the operation; receive, based on the determined type of authentication data, a first data element from the contactless card, the first data element comprising a passport image or a driver license image; determine that the first data element satisfies at least one rule for authorizing the operation; authorize performance of the operation based on the decryption result and the determination that the first data element satisfies the at least one rule for authorizing the operation; and perform the operation based on the authorization.

9. The non-transitory computer-readable storage medium of claim 8, comprising computer-readable program code executable by the processor to cause the processor to: transmit the encrypted data to the authentication server; and determine the type of authentication data based on a type of the operation and at least one rule for the type of the operation.

10. The non-transitory computer-readable storage medium of claim 8, comprising computer-readable program code executable by the processor to cause the processor to: receive a first image of a person captured by an image capture device of the device; compare the first image to the passport image or the driver license image; and determine, based on the comparison, that a similarity of a person in the passport image or the driver license image and the person in the first image exceeds a similarity threshold, wherein the determination the passport image or the driver license image satisfies the at least one rule is based on the similarity exceeding the similarity threshold.

11. The non-transitory computer-readable storage medium of claim 10, wherein the similarity threshold is based on a type of the operation and at least one rule for the type of the operation, the medium comprising computer-readable program code executable by the processor to cause the processor to: determine, based on the similarity exceeding the similarity threshold, that the person in the first image matches the person in the passport image.

12. The non-transitory computer-readable storage medium of claim 8, wherein the first data element is encrypted when received from the contactless card, comprising computer-readable program code executable by the processor to cause the processor to: transmit the encrypted first data element to the authentication server; and receive an unencrypted version of the first data element from the authentication server.

13. The non-transitory computer-readable storage medium of claim 8, wherein the operation comprises one or more of: (i) viewing attributes of the account, (ii) modifying the attributes of the account, or (iii) processing a transaction using the contactless card.

14. The non-transitory computer-readable storage medium of claim 8, comprising computer-readable program code executable by the processor to cause the processor to: receive, from the contactless card, a digital signature of the first data element; and verify the digital signature based on a public key for the contactless card.

15. A computer-implemented method, comprising: receiving, by an application executing on a processor of a device, a request to perform an operation associated with an account; receiving, by the application, encrypted data from a contactless card associated with the account; receiving, by the application from an authentication server, a decryption result; determining, by the application based on the decryption result, that the authentication server decrypted the encrypted data; determining, by the application, a type of authentication data required to authorize the operation; receiving, by the application based on the determined type of authentication data, a first d

Classifications

  • Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

  • using an additional device, e.g. smartcard, SIM or a different communication terminal (cryptographic mechanisms or cryptographic arrangements for entity authentication involving additional secure or trusted devices H04L9/3234)

  • wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption (cryptographic mechanisms or cryptographic arrangements for public-key encryption H04L9/30)

  • Use of electronic signatures

  • Identity check for transactions

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Capital One Services LLC
What technology area does this patent fall under?
Primary CPC classification H04L63/0853. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jun 24, 2021 (A1). Legal status and post-grant events are not shown on this page.